opal-security 3.0.1-beta.4262451 → 3.0.1-beta.cbf0332

package/README.md

@@ -22,7 +22,7 @@ $ npm install -g opal-security
 $ opal COMMAND
 running command...
 $ opal (--version)
-opal-security/3.0.1-beta.4262451 linux-x64 node-v20.19.0
+opal-security/3.0.1-beta.cbf0332 linux-x64 node-v20.19.0
 $ opal --help [COMMAND]
 USAGE
   $ opal COMMAND
@@ -34,23 +34,24 @@ USAGE
 
 <!-- commands -->
 * [`opal autocomplete [SHELL]`](#opal-autocomplete-shell)
-* [`opal aws:identity`](#opal-awsidentity)
+* [`opal aws identity`](#opal-aws-identity)
 * [`opal clear-auth-provider`](#opal-clear-auth-provider)
 * [`opal curl-example`](#opal-curl-example)
 * [`opal help [COMMANDS]`](#opal-help-commands)
-* [`opal iam-roles:start`](#opal-iam-rolesstart)
-* [`opal kube-roles:start`](#opal-kube-rolesstart)
+* [`opal iam-roles start`](#opal-iam-roles-start)
+* [`opal kube-roles start`](#opal-kube-roles-start)
 * [`opal login`](#opal-login)
 * [`opal logout`](#opal-logout)
-* [`opal postgres-instances:start`](#opal-postgres-instancesstart)
-* [`opal resources:get`](#opal-resourcesget)
+* [`opal postgres-instances start`](#opal-postgres-instances-start)
+* [`opal request ls`](#opal-request-ls)
+* [`opal resources get`](#opal-resources-get)
 * [`opal set-auth-provider`](#opal-set-auth-provider)
 * [`opal set-custom-header`](#opal-set-custom-header)
 * [`opal set-token`](#opal-set-token)
 * [`opal set-url [URL]`](#opal-set-url-url)
-* [`opal ssh:copyFrom`](#opal-sshcopyfrom)
-* [`opal ssh:copyTo`](#opal-sshcopyto)
-* [`opal ssh:start`](#opal-sshstart)
+* [`opal ssh copyFrom`](#opal-ssh-copyfrom)
+* [`opal ssh copyTo`](#opal-ssh-copyto)
+* [`opal ssh start`](#opal-ssh-start)
 * [`opal version`](#opal-version)
 
 ## `opal autocomplete [SHELL]`
@@ -82,13 +83,13 @@ EXAMPLES
 
 _See code: [@oclif/plugin-autocomplete](https://github.com/oclif/plugin-autocomplete/blob/v1.4.6/src/commands/autocomplete/index.ts)_
 
-## `opal aws:identity`
+## `opal aws identity`
 
 Gets the current caller identity for the "opal" AWS profile.
 
 ```
 USAGE
-  $ opal aws:identity [-h]
+  $ opal aws identity [-h]
 
 FLAGS
   -h, --help  Show CLI help.
@@ -100,7 +101,7 @@ EXAMPLES
   $ opal aws:identity
 ```
 
-_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/aws/identity.ts)_
+_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/aws/identity.ts)_
 
 ## `opal clear-auth-provider`
 
@@ -120,7 +121,7 @@ EXAMPLES
   $ opal clear-auth-provider
 ```
 
-_See code: [src/commands/clear-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/clear-auth-provider.ts)_
+_See code: [src/commands/clear-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/clear-auth-provider.ts)_
 
 ## `opal curl-example`
 
@@ -137,7 +138,7 @@ DESCRIPTION
   Prints out an example cURL command containing the parameters the CLI uses to query the Opal server.
 ```
 
-_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/curl-example.ts)_
+_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/curl-example.ts)_
 
 ## `opal help [COMMANDS]`
 
@@ -159,13 +160,13 @@ DESCRIPTION
 
 _See code: [@oclif/plugin-help](https://github.com/oclif/plugin-help/blob/v5.2.20/src/commands/help.ts)_
 
-## `opal iam-roles:start`
+## `opal iam-roles start`
 
 Starts a session to assume an IAM role.
 
 ```
 USAGE
-  $ opal iam-roles:start [-h] [-i <value>] [-s <value>] [-r] [--profileName <value>]
+  $ opal iam-roles start [-h] [-i <value>] [-s <value>] [-r] [--profileName <value>]
 
 FLAGS
   -h, --help                 Show CLI help.
@@ -187,15 +188,15 @@ EXAMPLES
   $ opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName "custom-profile"
 ```
 
-_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/iam-roles/start.ts)_
+_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/iam-roles/start.ts)_
 
-## `opal kube-roles:start`
+## `opal kube-roles start`
 
 Starts a session to assume a Kubernetes cluster IAM role.
 
 ```
 USAGE
-  $ opal kube-roles:start [-h] [-i <value>] [-a <value>] [-s <value>] [-r]
+  $ opal kube-roles start [-h] [-i <value>] [-a <value>] [-s <value>] [-r]
 
 FLAGS
   -a, --accessLevelRemoteId=<value>  The remote ID of the access level with which to access the resource.
@@ -218,7 +219,7 @@ EXAMPLES
   $ opal kube-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId "arn:aws:iam::712234975475:role/acme-eks-cluster-admin-role"
 ```
 
-_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/kube-roles/start.ts)_
+_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/kube-roles/start.ts)_
 
 ## `opal login`
 
@@ -239,7 +240,7 @@ EXAMPLES
   $ opal login
 ```
 
-_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/login.ts)_
+_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/login.ts)_
 
 ## `opal logout`
 
@@ -259,15 +260,15 @@ EXAMPLES
   $ opal logout
 ```
 
-_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/logout.ts)_
+_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/logout.ts)_
 
-## `opal postgres-instances:start`
+## `opal postgres-instances start`
 
 Starts a session to connect to a Postgres database.
 
 ```
 USAGE
-  $ opal postgres-instances:start [-h] [-i <value>] [-a <value>] [-s <value>] [-r] [--action psql|view]
+  $ opal postgres-instances start [-h] [-i <value>] [-a <value>] [-s <value>] [-r] [--action psql|view]
 
 FLAGS
   -a, --accessLevelRemoteId=<value>  The remote ID of the access level with which to access the resource.
@@ -296,15 +297,30 @@ EXAMPLES
   $ opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId fullaccess --action view
 ```
 
-_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/postgres-instances/start.ts)_
+_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/postgres-instances/start.ts)_
 
-## `opal resources:get`
+## `opal request ls`
+
+Lists access requests
+
+```
+USAGE
+  $ opal request ls
+
+DESCRIPTION
+  Lists access requests
+
+ALIASES
+  $ opal request ls
+```
+
+## `opal resources get`
 
 Get resource info for a particular resource.
 
 ```
 USAGE
-  $ opal resources:get [-h] [-i <value>]
+  $ opal resources get [-h] [-i <value>]
 
 FLAGS
   -h, --help        Show CLI help.
@@ -317,7 +333,7 @@ EXAMPLES
   $ opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
 ```
 
-_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/resources/get.ts)_
+_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/resources/get.ts)_
 
 ## `opal set-auth-provider`
 
@@ -343,7 +359,7 @@ EXAMPLES
   $ opal set-auth-provider --clientID 1234asdf --issuerUrl https://auth.example.com
 ```
 
-_See code: [src/commands/set-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/set-auth-provider.ts)_
+_See code: [src/commands/set-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/set-auth-provider.ts)_
 
 ## `opal set-custom-header`
 
@@ -364,7 +380,7 @@ EXAMPLES
   $ opal set-custom-header --header 'cf-access-token: $TOKEN'
 ```
 
-_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/set-custom-header.ts)_
+_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/set-custom-header.ts)_
 
 ## `opal set-token`
 
@@ -384,7 +400,7 @@ EXAMPLES
   $ opal set-token
 ```
 
-_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/set-token.ts)_
+_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/set-token.ts)_
 
 ## `opal set-url [URL]`
 
@@ -408,15 +424,15 @@ EXAMPLES
   $ opal set-url
 ```
 
-_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/set-url.ts)_
+_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/set-url.ts)_
 
-## `opal ssh:copyFrom`
+## `opal ssh copyFrom`
 
 Use SCP to copy files from a compute instance.
 
 ```
 USAGE
-  $ opal ssh:copyFrom --src <value> [-h] [--dest <value>] [--user <value>] [-i <value>] [-s <value>]
+  $ opal ssh copyFrom --src <value> [-h] [--dest <value>] [--user <value>] [-i <value>] [-s <value>]
 
 FLAGS
   -h, --help               Show CLI help.
@@ -439,15 +455,15 @@ EXAMPLES
   $ opal ssh:copyFrom --src instance/dir --dest my/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/ssh/copyFrom.ts)_
+_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/ssh/copyFrom.ts)_
 
-## `opal ssh:copyTo`
+## `opal ssh copyTo`
 
 Use SCP to copy files to a compute instance.
 
 ```
 USAGE
-  $ opal ssh:copyTo --src <value> [-h] [--dest <value>] [--user <value>] [-i <value>] [-s <value>]
+  $ opal ssh copyTo --src <value> [-h] [--dest <value>] [--user <value>] [-i <value>] [-s <value>]
 
 FLAGS
   -h, --help               Show CLI help.
@@ -470,15 +486,15 @@ EXAMPLES
   $ opal ssh:copyTo --src my/dir --dest instance/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/ssh/copyTo.ts)_
+_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/ssh/copyTo.ts)_
 
-## `opal ssh:start`
+## `opal ssh start`
 
 Starts an SSH session to access a compute instance.
 
 ```
 USAGE
-  $ opal ssh:start [-h] [-i <value>] [-s <value>] [-r]
+  $ opal ssh start [-h] [-i <value>] [-s <value>] [-r]
 
 FLAGS
   -h, --help               Show CLI help.
@@ -497,7 +513,7 @@ EXAMPLES
   $ opal ssh:start --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.4262451/src/commands/ssh/start.ts)_
+_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.0.1-beta.cbf0332/src/commands/ssh/start.ts)_
 
 ## `opal version`
 
@@ -517,5 +533,5 @@ FLAG DESCRIPTIONS
     Additionally shows the architecture, node version, operating system, and versions of plugins that the CLI is using.
 ```
 
-_See code: [@oclif/plugin-version](https://github.com/oclif/plugin-version/blob/v2.0.12/src/commands/version.ts)_
+_See code: [@oclif/plugin-version](https://github.com/oclif/plugin-version/blob/v2.2.27/src/commands/version.ts)_
 <!-- commandsstop -->

package/bin/run

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 
-const engineMajorVersion = parseInt(process.version.slice(1).split('.'));
+const engineMajorVersion = Number.parseInt(process.version.slice(1).split('.'));
 if (engineMajorVersion < 18) {
   console.log("Opal CLI requires Node v18.0.0 or later to run.")
   process.exit(1)

package/lib/commands/request/create.d.ts

@@ -0,0 +1,6 @@
+import { Command } from "@oclif/core";
+export default class RequestCreate extends Command {
+    static hidden: boolean;
+    static description: string;
+    run(): Promise<void>;
+}

package/lib/commands/request/create.js

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const core_1 = require("@oclif/core");
+const requests_1 = require("../../lib/requests");
+const displays_1 = require("../../utils/displays");
+const utils_1 = require("../../utils/utils");
+class RequestCreate extends core_1.Command {
+    async run() {
+        (0, utils_1.restrictToDev)(); //TODO: Remove after development is complete
+        const requestMap = new Map();
+        (0, displays_1.headerMessage)();
+        let shouldProceed = false;
+        while (!shouldProceed) {
+            // Step 1: Select first round of assets from an app
+            await (0, requests_1.selectRequestableItems)(requestMap);
+            // Step 2: Display the selected items in a tree format
+            (0, displays_1.headerMessage)();
+            console.log((0, displays_1.treeifyRequestMap)(requestMap), "\n");
+            // Step 3: Prompt to add more items, repeat 1-3 if needed
+            shouldProceed = await (0, requests_1.doneSelectingAssets)();
+        }
+        // Step 4: Prompt for reason
+        const { reason } = await (0, requests_1.promptForReason)();
+        // Step 5: Prompt for expiration
+        const { expiration } = await (0, requests_1.promptForExpiration)();
+        // Step 6: Display final summary of request
+        (0, displays_1.displayFinalRequestSummary)(requestMap, reason, expiration);
+        // Step 7: Prompt for final submition
+        await (0, requests_1.submitFinalRequest)();
+    }
+}
+RequestCreate.hidden = true;
+RequestCreate.description = "Opens an Opal access request";
+exports.default = RequestCreate;

package/lib/commands/request/get.d.ts

@@ -0,0 +1,6 @@
+import { Command } from "@oclif/core";
+export default class RequestGet extends Command {
+    static hidden: boolean;
+    static description: string;
+    run(): Promise<void>;
+}

package/lib/commands/request/get.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const core_1 = require("@oclif/core");
+const utils_1 = require("../../utils/utils");
+class RequestGet extends core_1.Command {
+    async run() {
+        (0, utils_1.restrictToDev)(); //TODO: Remove after development is complete
+        this.log("Running the get command");
+    }
+}
+RequestGet.hidden = true;
+RequestGet.description = "Lists access requests";
+exports.default = RequestGet;

package/lib/commands/request/list.d.ts

@@ -0,0 +1,7 @@
+import { Command } from "@oclif/core";
+export default class RequestList extends Command {
+    static hidden: boolean;
+    static description: string;
+    static aliases: string[];
+    run(): Promise<void>;
+}

package/lib/commands/request/list.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const core_1 = require("@oclif/core");
+const utils_1 = require("../../utils/utils");
+class RequestList extends core_1.Command {
+    async run() {
+        (0, utils_1.restrictToDev)(); //TODO: Remove after development is complete
+        this.log("Running the list command");
+    }
+}
+RequestList.hidden = true;
+RequestList.description = "Lists access requests";
+RequestList.aliases = ["request:ls"];
+exports.default = RequestList;

package/lib/lib/requests.d.ts

@@ -0,0 +1,19 @@
+export interface AppNode {
+    appName: string;
+    assets: Map<string, AssetNode>;
+}
+export interface AssetNode {
+    assetName: string;
+    roles?: Map<string, RoleNode>;
+}
+export interface RoleNode {
+    roleName: string;
+}
+export type RequestMap = Map<string, AppNode>;
+export declare function selectRequestableItems(requestMap: RequestMap): Promise<void>;
+export declare function chooseAssets(app: string, requestMap: RequestMap): Promise<void>;
+export declare function chooseRoles(app: string, asset: string, requestMap: RequestMap): Promise<void>;
+export declare function doneSelectingAssets(): Promise<boolean>;
+export declare function promptForReason(): Promise<any>;
+export declare function promptForExpiration(): Promise<any>;
+export declare function submitFinalRequest(): Promise<void>;

package/lib/lib/requests.js

@@ -0,0 +1,118 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.selectRequestableItems = selectRequestableItems;
+exports.chooseAssets = chooseAssets;
+exports.chooseRoles = chooseRoles;
+exports.doneSelectingAssets = doneSelectingAssets;
+exports.promptForReason = promptForReason;
+exports.promptForExpiration = promptForExpiration;
+exports.submitFinalRequest = submitFinalRequest;
+const inquirer = require("inquirer");
+async function selectRequestableItems(requestMap) {
+    const { app } = await inquirer.prompt({
+        name: "app",
+        type: "list",
+        message: "Select App:",
+        choices: ["Github", "Google Groups", "MongoDB", "Primary AD Server"],
+    });
+    // Set the app in the requestMap and call choose assets step
+    if (!requestMap.has(app)) {
+        requestMap.set(app, {
+            appName: app,
+            assets: new Map(),
+        });
+    }
+    await chooseAssets(app, requestMap);
+}
+async function chooseAssets(app, requestMap) {
+    const { assets } = await inquirer.prompt({
+        name: "assets",
+        type: "checkbox",
+        message: "Select one or more items:",
+        choices: ["Asset 1", "Asset 2", "Asset 3", "Asset 4"],
+    });
+    const entry = requestMap.get(app);
+    for (const asset of assets) {
+        if (entry === undefined) {
+            throw new Error(`App ${app} not found in requestMap`);
+        }
+        if (!entry.assets.has(asset)) {
+            entry.assets.set(asset, {
+                assetName: asset,
+                roles: new Map(),
+            });
+        }
+        await chooseRoles(app, asset, requestMap);
+    }
+}
+async function chooseRoles(app, asset, requestMap) {
+    var _a;
+    const { roles } = await inquirer.prompt({
+        name: "roles",
+        type: "checkbox",
+        message: `Select one or more roles for ${asset}:`,
+        choices: ["push", "pull", "triage", "admin"],
+    });
+    const entry = requestMap.get(app);
+    const assetEntry = entry === null || entry === void 0 ? void 0 : entry.assets.get(asset);
+    if (entry === undefined || assetEntry === undefined) {
+        throw new Error(`App ${app} or Asset ${asset} not found in requestMap`);
+    }
+    for (const role of roles) {
+        (_a = assetEntry.roles) === null || _a === void 0 ? void 0 : _a.set(role, {
+            roleName: role,
+        });
+    }
+}
+async function doneSelectingAssets() {
+    const submitMessage = "✅ Yes, proceed with request";
+    const addMoreMessage = "❌ No, add more items";
+    const { submitOrAdd } = await inquirer.prompt([
+        {
+            name: "submitOrAdd",
+            message: "Is this all you want to request?",
+            type: "list",
+            choices: [submitMessage, addMoreMessage],
+        },
+    ]);
+    return submitOrAdd === submitMessage;
+}
+async function promptForReason() {
+    return await inquirer.prompt([
+        {
+            name: "reason",
+            message: "I need access to this because...",
+            type: "input",
+        },
+    ]);
+}
+async function promptForExpiration() {
+    return await inquirer.prompt([
+        {
+            name: "expiration",
+            message: "When should access expire?",
+            type: "list",
+            choices: ["1 hour", "1 day", "7 days", "30 days", "1 year", "Indefinite"],
+        },
+    ]);
+}
+async function submitFinalRequest() {
+    const submitMessage = "✅ Yes, submit request";
+    const cancelMessage = "❌ No, cancel request";
+    const { submit } = await inquirer.prompt([
+        {
+            name: "submit",
+            message: "Submit request?",
+            type: "list",
+            choices: [submitMessage, cancelMessage],
+        },
+    ]);
+    if (submit === submitMessage) {
+        const requestLink = "https://dev.opal.dev/requests/sent/05ca5d5f-ea60-4cdb-84e1-7e3c575b2b72"; //TODO: Replace with actual request link
+        console.log("\n🎉 Your Access Request has been submitted! Request ID: 1234");
+        console.log(`🔍 View request status here: ${requestLink}`);
+    }
+    else {
+        console.log("🚫 Access Request has been cancelled.");
+    }
+}

package/lib/utils/displays.d.ts

@@ -0,0 +1,4 @@
+import type { RequestMap } from "../lib/requests";
+export declare function headerMessage(): void;
+export declare function treeifyRequestMap(requestMap: RequestMap): string;
+export declare function displayFinalRequestSummary(requestMap: RequestMap, reason: string, expiration: string): void;

package/lib/utils/displays.js

@@ -0,0 +1,60 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.headerMessage = headerMessage;
+exports.treeifyRequestMap = treeifyRequestMap;
+exports.displayFinalRequestSummary = displayFinalRequestSummary;
+const treeify = require("object-treeify");
+const Table = require("cli-table3");
+const tableStyle = {
+    top: "═",
+    "top-mid": "╤",
+    "top-left": "╔",
+    "top-right": "╗",
+    bottom: "═",
+    "bottom-mid": "╧",
+    "bottom-left": "╚",
+    "bottom-right": "╝",
+    left: "║",
+    "left-mid": "╟",
+    mid: "─",
+    "mid-mid": "┼",
+    right: "║",
+    "right-mid": "╢",
+    middle: "│",
+};
+function headerMessage() {
+    console.clear();
+    console.log("============================================================");
+    console.log("Opal Access Request ✏️");
+    console.log("Press Ctrl+C to cancel at any time.\n");
+}
+function treeifyRequestMap(requestMap) {
+    const requestTree = {};
+    for (const [appName, appNode] of requestMap.entries()) {
+        const appKey = `🔧${appName}`;
+        requestTree[appKey] = {};
+        for (const [assetName, assetNode] of appNode.assets.entries()) {
+            const assetKey = `📦${assetName}`;
+            if (assetNode.roles !== undefined) {
+                requestTree[appKey][assetKey] = {};
+                for (const [roleName, _] of assetNode.roles.entries()) {
+                    requestTree[appKey][assetKey][roleName] = null;
+                }
+            }
+            else {
+                requestTree[appKey][assetKey] = null;
+            }
+        }
+    }
+    return String(treeify(requestTree));
+}
+function displayFinalRequestSummary(requestMap, reason, expiration) {
+    headerMessage();
+    console.log("Final Summary of Request\n");
+    const requestedAssets = treeifyRequestMap(requestMap);
+    const table = new Table({
+        chars: tableStyle,
+    });
+    table.push(["Requested Assets", requestedAssets], ["Reason", reason], ["Expiration", expiration]);
+    console.log(table.toString());
+}

package/lib/utils/utils.d.ts

@@ -0,0 +1 @@
+export declare function restrictToDev(): void;

package/lib/utils/utils.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.restrictToDev = restrictToDev;
+/*
+Use restrictToDev function in the run functions of commands still in development-
+
+static hidden = true; # Use this in tandem with restrictToDev function to hide from help menu.
+async run() {
+    restrictToDev();
+    ...
+}
+*/
+function restrictToDev() {
+    if (process.env.NODE_ENV !== "development") {
+        console.error("Command still under development. Please look out for product announcements for official release.");
+        process.exit(1);
+    }
+}

package/oclif.manifest.json

@@ -554,6 +554,74 @@
         "start.js"
       ]
     },
+    "request:create": {
+      "aliases": [],
+      "args": {},
+      "description": "Opens an Opal access request",
+      "flags": {},
+      "hasDynamicHelp": false,
+      "hidden": true,
+      "hiddenAliases": [],
+      "id": "request:create",
+      "pluginAlias": "opal-security",
+      "pluginName": "opal-security",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": false,
+      "isESM": false,
+      "relativePath": [
+        "lib",
+        "commands",
+        "request",
+        "create.js"
+      ]
+    },
+    "request:get": {
+      "aliases": [],
+      "args": {},
+      "description": "Lists access requests",
+      "flags": {},
+      "hasDynamicHelp": false,
+      "hidden": true,
+      "hiddenAliases": [],
+      "id": "request:get",
+      "pluginAlias": "opal-security",
+      "pluginName": "opal-security",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": false,
+      "isESM": false,
+      "relativePath": [
+        "lib",
+        "commands",
+        "request",
+        "get.js"
+      ]
+    },
+    "request:list": {
+      "aliases": [
+        "request:ls"
+      ],
+      "args": {},
+      "description": "Lists access requests",
+      "flags": {},
+      "hasDynamicHelp": false,
+      "hidden": true,
+      "hiddenAliases": [],
+      "id": "request:list",
+      "pluginAlias": "opal-security",
+      "pluginName": "opal-security",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": false,
+      "isESM": false,
+      "relativePath": [
+        "lib",
+        "commands",
+        "request",
+        "list.js"
+      ]
+    },
     "resources:get": {
       "aliases": [],
       "args": {},
@@ -801,5 +869,5 @@
       ]
     }
   },
-  "version": "3.0.1-beta.4262451"
+  "version": "3.0.1-beta.cbf0332"
 }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "opal-security",
   "description": "Opal allows you to centrally manage access to all of your sensitive systems.",
-  "version": "3.0.1-beta.4262451",
+  "version": "3.0.1-beta.cbf0332",
   "author": "Stephen Cobbe",
   "bin": {
     "opal": "./bin/run"
@@ -15,6 +15,7 @@
     "@oclif/plugin-version": "^2.0.12",
     "argon2": "^0.40.1",
     "chalk": "^2.4.2",
+    "cli-table3": "^0.6.5",
     "graphql": "^15.5.0",
     "inquirer": "^8.2.6",
     "inquirer-autocomplete-prompt": "^2.0.1",
@@ -74,7 +75,8 @@
     ],
     "macos": {
       "identifier": "dev.opal.cli"
-    }
+    },
+    "topicSeparator": " "
   },
   "repository": {
     "type": "git",